I don’t know when the automotive guys decided to start using the acronym FuSa to mean functional safety. I brought it up once at an IEC 61508 international committee meeting in Vienna and only one member present said they had even heard of the acronym FuSa. While I don’t like the acronym FuSa, I still found it hard to believe it was that unknown, but coming from an IC background, in a company that does functional safety for many domains including industrial and automotive, perhaps I was more likely than most present to have come across it.
I have to admit that when I talk to someone or read something about functional safety and they use FuSa, I immediately think to myself that the person is from an automotive functional safety background and wonder if they appreciate the differences between ISO 26262 and IEC 61508. With this in mind, I also tell our internal people not to use FuSa on industrial functional safety related papers or documents.
To see if I am going mad or just prejudiced against automotive guys I decided to look for some evidence on the topic.
My first training course in functional safety was with Technis, and David Smith's book was one of the first on functional safety (see “The Safety Critical Systems Handbook” on Amazon).
Figure 5 - From the Safety Critical Systems Handbook
The book “Practical machinery safety” uses the terms ST and FS to differentiate between safety and standard functions.
Figure 6 - From the book "Practical Machinery Safety"
Figure 7 - From our colleagues in Exida
At this point you are probably thinking I imagined all this FuSa stuff and, to be honest, I was beginning to wonder myself, so I did a quick Google search to double check.
Figure 8 - the outcome of a Google search for "FuSa" ISO26262
A more serious future blog will be on how to treat ICs developed to ISO 26262 which we want to market for applications requiring IEC 61508 compliance. Another good one might be to check if fault injection and fault insertion are the same thing, and another one which someone mentioned to me recently is that ISO 26262 refers to faults (single point fault metric, safe faults…) and IEC 61508 to failures (safe failure fraction, safe failure…). Vive la différence, as the confusion helps keep us functional safety people in jobs.